Jump to content
Just visiting?

GDPR / DPA2018 and Your Data Rights

foreveryoung

By foreveryoung
in Off Topic

 Share

Recommended Posts

Rds1983 Grand Master

Rds1983

Posted
  • VT Supporter
Posted

Interesting timing with this thread for me. I've just done a sideways move at the Bank from auditing supplier's GDPR controls and compliance (among many other things) to being a full time data privacy manager. 

  • Like 1
Link to comment
Share on other sites
Rds1983 Grand Master

Rds1983

Posted
  • VT Supporter
Posted

Following the ICO virtual conference yesterday they've published some guidance I'm sure some of you might find interesting:

https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2023/10/ico-publishes-guidance-to-ensure-lawful-monitoring-in-the-workplace

"

If an organisation is looking to monitor workers, it must take steps including: 

  • Making workers aware of the nature, extent and reasons for monitoring.
  • Having a clearly defined purpose and using the least intrusive means to achieve it.
  • Having a lawful basis for processing workers data – such as consent or legal obligation.
  • Telling workers about any monitoring in a way that is easy to understand.
  • Only keeping the information which is relevant to its purpose.
  • Carrying out a Data Protection Impact Assessment for any monitoring that is likely to result in a high risk to the rights of workers.
  • Making the personal information collected through monitoring available to workers if they make a Subject Access Request (SAR)."
Link to comment
Share on other sites
bickster Grand Master

bickster

Posted
  • Moderator
Posted
1 hour ago, Rds1983 said:

Following the ICO virtual conference yesterday they've published some guidance I'm sure some of you might find interesting:

https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2023/10/ico-publishes-guidance-to-ensure-lawful-monitoring-in-the-workplace

"

If an organisation is looking to monitor workers, it must take steps including: 

  • Making workers aware of the nature, extent and reasons for monitoring.
  • Having a clearly defined purpose and using the least intrusive means to achieve it.
  • Having a lawful basis for processing workers data – such as consent or legal obligation.
  • Telling workers about any monitoring in a way that is easy to understand.
  • Only keeping the information which is relevant to its purpose.
  • Carrying out a Data Protection Impact Assessment for any monitoring that is likely to result in a high risk to the rights of workers.
  • Making the personal information collected through monitoring available to workers if they make a Subject Access Request (SAR)."

There seems to be absolutely nothing new in there. It all seems exactly as you’d think it was. Thanks for sharing though.

Link to comment
Share on other sites
Rds1983 Grand Master

Rds1983

Posted
  • VT Supporter
Posted
52 minutes ago, bickster said:

There seems to be absolutely nothing new in there. It all seems exactly as you’d think it was. Thanks for sharing though.

I think it's more reiterating their stance and clarifying it again.

There's a definite increase in firms wanting to do stuff like this so their keen to make sure firms don't cross the line as a lot of non DP people won't even consider the risks.

  • Like 1
Link to comment
Share on other sites
  • 1 month later...
bickster Grand Master

bickster

Posted
  • Moderator
Posted
13 minutes ago, Rds1983 said:

I'm curious how many People on the site have read the updated DPN or if I'm the only one?

Did you compare it to the last one and identify the changes? :D 

I did skip read it last night as I was in need of a solution to get me to sleep

  • Haha 1
Link to comment
Share on other sites
Rds1983 Grand Master

Rds1983

Posted
  • VT Supporter
Posted
36 minutes ago, bickster said:

Did you compare it to the last one and identify the changes? :D 

I did skip read it last night as I was in need of a solution to get me to sleep

Of course and I can see the change about Google analytics. 

Spoiler

Not really. Limpid kindly told me in a DM as I'd asked him a question on it. I'm ashamed to say I hadn't read it before. Didn't know about Data Privacy when I joined the site and hadn't really considered it for here since.

 

Link to comment
Share on other sites
bickster Grand Master

bickster

Posted
  • Moderator
Posted
21 minutes ago, limpid said:

It's a privacy policy. \What does DPN stand for?

Decentralised Private networks in my book

It's another of those terms that has crept into some peoples usage erroneously, see also DSAR when it's SAR

  • Haha 1
Link to comment
Share on other sites
Rds1983 Grand Master

Rds1983

Posted
  • VT Supporter
Posted
Just now, bickster said:

Decentralised Private networks in my book

Data Privacy/Protection Notice. More formal way of saying the Privacy Policy and what they're called at work so is force of habit for me. It's also quicker to type.

Link to comment
Share on other sites
bickster Grand Master

bickster

Posted
  • Moderator
Posted
1 minute ago, Rds1983 said:

Data Privacy/Protection Notice. More formal way of saying the Privacy Policy and what they're called at work so is force of habit for me. It's also quicker to type.

Yes but the point is that DPN actually already stands for something else

Link to comment
Share on other sites
rjw63 Grand Master

rjw63

Posted
Posted
On 30/09/2023 at 07:42, Rds1983 said:

Interesting timing with this thread for me. I've just done a sideways move at the Bank from auditing supplier's GDPR controls and compliance (among many other things) to being a full time data privacy manager. 

So that's why you're on VillaTalk all day.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

spacer.png

  • Like 1
Link to comment
Share on other sites
Rds1983 Grand Master

Rds1983

Posted
  • VT Supporter
Posted
23 minutes ago, bickster said:

Yes but the point is that DPN actually already stands for something else

Every three letter acronym has a multitude of meanings depending on the context. They're often potentially linked to which causes headaches. 

Link to comment
Share on other sites
  • 2 weeks later...
Rds1983 Grand Master

Rds1983

Posted
  • VT Supporter
Posted

https://iapp.org/news/a/uk-gdpr-reforms-move-forward-in-uk-parliament/

"On 29 Nov., the proposed U.K. Data Protection and Digital Information Bill moved a step closer to passage.

The U.K. House of Commons voted to avoid recommitting the bill following the recent introduction of U.K. government-backed amendments, instead moving the proposal to the report stage of consideration. If the recommittal vote succeeded, the bill and its proposed changes would've moved back to the committee debate.

The bill, originally published 8 March — the first day of IAPP's Data Protection Intensive in London — seeks to make various reforms to the U.K. General Data Protection Regulation and Data Protection Act 2018."

Some good, some bad, but feel it'll just be rewritten by Labour when they get in anyway.

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...
Â